pkgs/tools/security/swtpm/default.nix at 21.05

tjh.dev / nixpkgs

fork atom

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

fork atom

nixpkgs / pkgs / tools / security / swtpm / default.nix

at 21.05 76 lines 1.6 kB view raw

wrap content

 1{ lib
 2, stdenv
 3, fetchFromGitHub
 4, autoreconfHook
 5, pkg-config
 6, libtasn1, openssl, fuse, glib, libseccomp
 7, libtpms
 8, unixtools, expect, socat
 9, gnutls
10, perl
11, python3, python3Packages
12}:
13
14stdenv.mkDerivation rec {
15  pname = "swtpm";
16  version = "0.5.2";
17
18  src = fetchFromGitHub {
19    owner = "stefanberger";
20    repo = "swtpm";
21    rev = "v${version}";
22    sha256 = "sha256-KY5V4z/8I15ePjorgZueNahlD/xvFa3tDarA0tuRxFk=";
23  };
24
25  pythonPath = with python3Packages; requiredPythonModules [
26    setuptools
27    cryptography
28  ];
29
30  patches = [
31    # upstream looks for /usr directory in $prefix to check
32    # whether or not to proceed with installation of python
33    # tools (swtpm_setup utility).
34    ./python-installation.patch
35  ];
36
37  prePatch = ''
38    patchShebangs src/swtpm_setup/setup.py
39    patchShebangs samples/setup.py
40  '';
41
42  nativeBuildInputs = [
43    pkg-config unixtools.netstat expect socat
44    perl # for pod2man
45    autoreconfHook
46    python3
47  ];
48  buildInputs = [
49    libtpms
50    openssl libtasn1 libseccomp
51    fuse glib
52    gnutls
53    python3.pkgs.wrapPython
54  ];
55  propagatedBuildInputs = pythonPath;
56
57  configureFlags = [
58    "--with-cuse"
59  ];
60
61  postInstall = ''
62    wrapPythonProgramsIn $out/bin "$out $pythonPath"
63    wrapPythonProgramsIn $out/share/swtpm "$out $pythonPath"
64  '';
65
66  enableParallelBuilding = true;
67
68  outputs = [ "out" "man" ];
69
70  meta = with lib; {
71    description = "Libtpms-based TPM emulator";
72    homepage = "https://github.com/stefanberger/swtpm";
73    license = licenses.bsd3;
74    maintainers = [ maintainers.baloo ];
75  };
76}